package cn.gwpay.cloud.module.system.framework.security.config;

import cn.gwpay.cloud.framework.security.config.AuthorizeRequestsCustomizerInterface;
import cn.gwpay.cloud.module.system.enums.ApiConstants;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * System 模块的 Security 配置
 */
@Configuration(proxyBeanMethods = false, value = "systemSecurityConfiguration")
public class SecurityConfiguration {

    @Bean("systemAuthorizeRequestsCustomizer")
    public AuthorizeRequestsCustomizerInterface authorizeRequestsCustomizer() {
        return registry -> {
            // Swagger 文档
            registry.antMatchers("/v3/api-docs/**").permitAll();
            registry.antMatchers("/webjars/**").permitAll();
            registry.antMatchers("/swagger-ui").permitAll();
            registry.antMatchers("/swagger-ui/**").permitAll();

            // Druid 监控
            registry.antMatchers("/druid/**").permitAll();

            // Actuator 端点
            registry.antMatchers("/actuator").permitAll();
            registry.antMatchers("/actuator/**").permitAll();

            // RPC 接口
            registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll();
        };
    }
}
